[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[infowar.de] Fwd: FC: Is menace of "cyberwar" overstated or not?
This is a forwarded message
From: Declan McCullagh <declan -!
- well -
To: politech -!
- politechbot -
Date: Friday, April 25, 2003, 4:42:20 PM
Subject: FC: Is menace of "cyberwar" overstated or not?
[It would be unwise to dismiss, as more systems are networked, the
possibility of actual physical harm performed remotely and electronically.
But it may require special knowledge possessed by insiders and in general
is far less a threat than other, traditional forms of vandalism and
From: "Richard M. Smith" <rms -!
- computerbytesman -
To: <JALewis -!
- csis -
org>, <declan -!
- well -
Subject: RE: Menace of Cyber War! Be Scared! Film at 11
Date: Fri, 25 Apr 2003 10:20:46 -0400
Message-ID: <000f01c30b35$dd5ae640$550ffea9 -!
X-Priority: 3 (Normal)
These few incidents probably qualify as cyberattacks against critical
Juvenile computer hacker cuts off FAA tower
Net saboteur faces 41 months
Aussie hacker jailed for sewage attacks
Two of them were done by insiders.
Reply-To: "Peter Rojas" <pete -!
- peterrojas -
From: "Peter Rojas" <pete -!
- peterrojas -
To: <declan -!
- well -
Subject: Re: Menace of Cyber War! Be Scared! Film at 11
Date: Fri, 25 Apr 2003 10:34:31 -0400
Hey, I don't like to engage in this kind of self-promotion, but I just wrote
a piece about how the threat of cyberterrorism during the war in Iraq was
Fears of cyberterrorism during the war on Iraq proved unfounded, says Peter
Rojas, but increased online security will benefit us all
Thursday April 24, 2003
The war in Iraq was supposed to dramatically raise the likelihood of a major
cyberterrorist attack against the US and its allies. Some even predicted a
"digital Pearl Harbor", an electronic assault that could have shut down
power plants, crippled the banking system, or disabled the air traffic
DK Matai, chairman and chief executive officer of the internet security firm
mi2g, predicted that it was highly likely that "the launch of a physical
attack on Iraq will see counterattacks from disgruntled Arab, Islamic
fundamentalist, and anti-American groups".
Now with the war winding down, fears that Iraq, al-Qaida or even sympathetic
hackers in Russia and China would open up a second front in cyberspace have
turned out to be completely unfounded, with little or no evidence that
either they or anyone else engaged in cyberterrorism. What happened?
Quite simply, the expected attacks just never materialised. According to Tim
Madden, a spokesman for Joint Task Force-Computer Network Operations
(JTF-CNO), created by the US Strategic Command to handle network defence and
attack, there has been no significant increase in attempts to infiltrate US
military computers since the war began.
Internet security firms confirm that since mid-March, the level of activity
has been almost normal. "We are seeing the same number of attacks today as
we were seeing two months ago," says Vincent Weafer, senior director of
Symantec Security Response. "We just haven't seen much evidence of any
The same cannot be said of US activities. It is widely assumed that JTF-CNO
engaged in hacking and electronic warfare against Iraq's telecommunications
and information infrastructure, although the Department of Defense refuses
to provide any specific details due to the classification of the operations.
There were some instances of war-related hacking over the past few weeks,
but nothing that would be considered cyberterrorism rather than
cybervandalism. Most of what has been seen, apart from a few
opportunistically timed worms and viruses, is a large number of website
defacements, the online equivalent of graffiti. Mikko Hypponen, the manager
of anti-virus research at internet security firm F-Secure, estimates that
altogether, there have been approximately 20,000 website defacements, both
pro- and anti-war, since mid-March, with the vast majority taking place
within the first few days.
Website defacements occur frequently, regardless of whether there is a war
going on, and generally do not result in the sort of disruption or economic
damage that can be caused by a virus or worm.
Brian Martin, a security expert with Attrition.org, believes that many would
have been done anyway: "There is absolutely no way to say if it is up or
down, or if these are just targets of opportunity and [hackers are finding]
a different justification for their activity than the day before."
The Unix Security Guards, a pro-Islamic group with members in Egypt,
Morocco, Kuwait and Indonesia, are thought to be responsible for hacking
hundreds of US government and commercial websites, inserting into many of
them the message that the group was part of the "New Era of Cyber War We
Promised". And despite the FBI cautioning pro-US hackers against engaging in
"patriotic hacking," a group calling itself the Patriot, Freedom Cyber Force
Militia hacked the website of the Arabic satellite news channel al-Jazeera.
There's curiously little proof that al-Qaida or other terrorist groups are
engaging in cyberterrorism. Robert Andrews, a congressional representative
from the state of New Jersey and a member of the House select committee on
homeland security, concedes that there is "no evidence on the public record"
that any terrorist group has ever launched an attack on the information
infrastructure of the US.
It turns out that the vast majority of network intrusions and hacking
attempts against US computers aren't the work of terrorists hiding out in
caves along the Pakistan/Afghanistan border, or hackers in Russia or China,
but originate within the US. One security firm estimates that 86% of all
"security events" can be traced back to the US. A crippling hacker attack
against America is more likely to be the work of bored high-school students
For example, in 1998, while the US was preparing to launch air strikes
against Iraq in Operation Desert Fox, the Pentagon discovered that its
computer networks had been compromised by an attack that appeared at first
to be the work of either several governments in the Middle East working
together or perhaps even Iraq itself. An investigation by the FBI revealed
the culprits to be two teenagers in California.
Some security experts wonder whether it makes sense to emphasise
cyberterrorism when there is a more immediate danger from cybercrime and
other online maliciousness. The SQL Slammer worm, which struck computers
earlier this year, causing considerable damage, is not believed to be the
work of either terrorists or a hostile government.
"Our networks really are insecure, and there is lots and lots of crime: that
is our biggest problem," says Bruce Schneier, founder and chief technical
officer of Counterpane Internet Security. His hope is that companies
strengthening their security in response to the perceived risk of cyber
terrorism will have the net effect of reducing what he sees as the real
danger -the rising level of criminal activity online.
There is even a chance that what Schneier hoped for came to pass during
these past few weeks and that the real reason there were no successful
attacks is not because none were attempted, but because security was
adequately strengthened beforehand.
In anticipation of the war, many companies began paying more attention to
the threat of hacker attacks, and beefed up security. Madden says that
because the Department of Defense is forced to "defend its computer networks
against intrusions every day, we had to do very little to prepare our
networks for possible conflict beyond taking extra precautions to ensure we
properly configured our networks and properly patched our software".
Even if the risk of cyberterrorism during the war was overstated, the threat
of a serious attack by a rogue nation or a terrorist group remains very
real, according to US government agencies.
Recent reports by the FBI and the Department of Homeland Security have
outlined the continuing danger of terrorist groups turning to the internet.
One particular concern is that cyberterrorism might be timed to coincide
with a physical terrorist attack, such as bombing a building while
simultaneously disabling the emergency response system, to ensure that the
maximum number of lives were lost.
Marcus Corbin, an analyst with the Center for Defense Information,
speculates that given the recent show of American military superiority in
Iraq, cyberterrorism might prove attractive to extremist groups looking for
a more level playing field on which to fight.
"The wish, after Iraq, to hurt us will be stronger, so interest in attacking
us through electronic means will grow greatly," he says. "Whether those
attacks will succeed will depend on how well we can defend our systems."
Congress Andrews predicts that if the US does not find a way to make its
critical infrastructure more secure, there will be a "significant
cyberattack within the next five years, whether it is on the 911 emergency
response system, the power grid, the banking system or the air traffic
Counterpane's Schneier contends that these kinds of attacks are harder to
execute than simply hacking a server, since most of the computers critical
to running power plants and air-traffic control systems are usually not
connected to the internet.
Disrupting the internet with worms or denial-of-service attacks is not
particularly attractive to terrorist groups since they lack the impact of a
bombing or hijacking. "Not being able to access the internet does not induce
terror or fear in people. Terrorists are out to cause fear, not
inconvenience," he says.
And even should a cyberterrorist attack prevail and shut down the power grid
or disrupt the emergency response system, "these sorts of outages and
problems tend to happen by accident already, so we have workarounds for
them", Schneier argues. "What we don't have workarounds for are people
flying planes into buildings or blowing up embassies."
· Send comments: online -
- guardian -
POLITECH -- Declan McCullagh's politics and technology mailing list
You may redistribute this message freely if you include this notice.
To subscribe to Politech: http://www.politechbot.com/info/subscribe.html
This message is archived at http://www.politechbot.com/
Declan McCullagh's photographs are at http://www.mccullagh.org/
Like Politech? Make a donation here: http://www.politechbot.com/donate/
Mail an infowar -
- infopeace -
de mit "unsubscribe" im Text.